CN213937969U - Illegal network access link blocking device based on OSI third layer - Google Patents
Illegal network access link blocking device based on OSI third layer Download PDFInfo
- Publication number
- CN213937969U CN213937969U CN202022827898.3U CN202022827898U CN213937969U CN 213937969 U CN213937969 U CN 213937969U CN 202022827898 U CN202022827898 U CN 202022827898U CN 213937969 U CN213937969 U CN 213937969U
- Authority
- CN
- China
- Prior art keywords
- data
- interface
- access link
- processing board
- network access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The utility model discloses an illegal network access link blocking device based on OSI third layer, which comprises a housin, inside power step-down plate and the data processing board of being provided with of casing, the output and the data processing board of power step-down plate are connected for trun into 12V power and 5V power with 220V alternating current power supply for the data processing board uses altogether through the rectifier bridge, the data processing board respectively with data input interface and the data output interface connection of casing front end setting, data input interface connection user end service system network and equipment, data output port is connected with the main website. The data packets can be selected in real time according to the service configuration and transmitted to the network device converged by the center through the user equipment.
Description
Technical Field
The utility model belongs to the technical field of computer network and information system, concretely relates to network access link blocking device violating rules based on OSI third layer.
Background
With the rapid development of national economy, the demand of people on networks is increasing, and the network security protection of information systems and power plant power monitoring systems is becoming more and more important.
The network security of the power monitoring system mainly comprises three aspects of production management information, production control information and a communication network system. As an important component of an information system and an electric power monitoring system, a computer network system plays an important role in the safety of an electric power system, and in the current development stage, the computer network monitoring system of an electric power enterprise in China has many problems, for example, a problem exists in software installation, software unconsciously sends an illegal network request message to an electric power dispatching network, and installs and runs illegal remote control software, so that the development of the electric power enterprise is restricted to a certain extent, and the safety of the whole network is affected. Under the condition, the importance of researching and inventing a device capable of blocking the illegal network message at the station control layer is more and more prominent.
The existing network security technology and power monitoring system networking technology are as follows: each user station is directly connected with the dispatching center through a longitudinal encryption technology and can directly access each network service and message of the dispatching center, the dispatching center only stipulates that each IP of the user station can access a certain IP of the dispatching center through the longitudinal encryption technology, and the function of transmitting data to the dispatching center only through a specific port cannot be realized according to the prior art, so that the minimum configuration of network safety is not met.
SUMMERY OF THE UTILITY MODEL
The utility model aims to solve the technical problem that to the not enough among the above-mentioned prior art, provide a network access link blocking device violating rules and regulations based on OSI third layer, can come the real-time network device who selects the data package to assemble to the center through user equipment transmission according to the business configuration.
The utility model adopts the following technical scheme:
the utility model provides a violation network access link blocking device based on OSI third layer, includes the casing, and casing inside is provided with power step-down board and data processing board, and the output and the data processing board of power step-down board are connected, and the data processing board is connected with the data input interface and the data output interface that the casing front end set up respectively, and the data processing board is used for sending the data package that satisfies the requirement of setting for the threshold value, and data input interface connects user end service system network and equipment, and data output port is connected with the main website.
Specifically, the data processing board is provided with a main control chip, the data input interface is connected with the main control chip through an Ethernet AD/DA conversion module, and after the main control chip is compared with a set threshold value, the data input interface is sent to the data output interface through the Ethernet AD/DA conversion module.
Specifically, the front end of the shell is also provided with a management interface, the management interface is an RJ45 interface, and the management interface is connected with the data processing board.
Specifically, the data input interface is 16 ports, 1-10 ports are service access ports in the station, 15-16 ports are uplink ports, and 11-14 ports are reserved.
Specifically, the data input interface and the data output interface are both RJ45 interfaces.
Specifically, the rear end of the shell is provided with a power interface, and the input end of the power voltage reduction plate is connected with the power interface.
Specifically, the rear end of the housing is provided with a grounding end, and the grounding end is connected with the housing.
Compared with the prior art, the utility model discloses following beneficial effect has at least:
the utility model relates to a network access link blocking device violates rules and regulations based on OSI third layer, can promote private network's network security by a wide margin, minimum configuration requirement among the network security is satisfied, make similar dispatch center, control center's network security obtains guaranteeing, even certain subscriber station infects the virus, also unable network transmission to control center through the network, thereby avoid the large tracts of land network infection, the subscriber station authority can not control dispatch center or other subscriber stations, the security and the uniqueness of subscriber station data are ensured, subscriber station data only can bind port and VLAN transmission to the port of going upward through physics, avoid ARP attack.
The technical solution of the present invention is further described in detail by the accompanying drawings and examples.
Drawings
Fig. 1 is a schematic structural diagram of the present invention.
Wherein: 1. a housing; 2. a data input interface; 3. a data output interface; 4. a power interface; 5. a management interface; 6. and a ground terminal.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it should be noted that when one component is considered to be "connected" to another component, it may be directly connected to the other component or several components may exist at the same time. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It should also be noted that, unless expressly stated or limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly and can include, for example, fixed connections, removable connections, or integral connections; either mechanically or electrically, and may be internal to both elements. The specific meaning of the above terms in the present invention can be understood in specific cases to those skilled in the art. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention.
It should be further noted that in the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc. indicate the orientation or positional relationship based on the orientation or positional relationship shown in the drawings, which is only for the convenience of describing the present invention and simplifying the description, but does not indicate or imply that the device or element referred to must have a specific orientation, be constructed and operated in a specific orientation, and thus, should not be construed as limiting the present invention.
Please refer to fig. 1, the utility model relates to a violation network access link blocking device based on OSI third layer, which comprises a housin 1, the front end of casing 1 is provided with two data input interface 2, two data output interface 3 and management interface 5, the rear end of casing 1 is provided with two power source 4 and earthing terminal 6, data input interface 2 connects user end service system network and equipment, communicate with equipment through configuration intranet IP, data output port 3 is connected with the main website, with compliance data transfer to the main website, equipment inside has virtual network connection main control chip and is used for judging whether the data package is legal.
The violation network access link blocking device based on OSI third layer has 2 integrated circuit boards, which are power voltage reducing board and data processing board, wherein the power voltage reducing board can convert 220V AC power into 12V power and 5V power through rectifier bridge for data processing board, the data processing board integrates data input interface, data output interface and management interface, all interfaces adopt RJ45 interface, in addition, the data processing board also has EC power management chip group, CPU main control chip and memory chip, the data input interface 2 converts the pulse signal on the network cable into 8bit binary signal that the main control chip can recognize through fast Ethernet AD/DA conversion module, after logic processing set in the main control chip, the signal is sent to the data output interface 3 through fast Ethernet AD/DA conversion module, the binary signal is converted into pulse signal on the network cable and transmitted to the using equipment, the internal management interface is connected with the background management interface of the main control chip by adopting an AD/DA conversion module so as to be convenient for configuration by logging in a background in an IP (Internet protocol) mode TELNET (Telnet).
The data input interface 2 is 16 ports, wherein 1-10 ports are service access ports in the station, 15-16 ports are uplink ports, 11-14 ports are standby, and the ports are closed under normal conditions.
To sum up, the utility model relates to a violation network access link blocking device based on OSI third layer, promote private network's network security by a wide margin, minimize configuration requirement among the network security is satisfied, make similar dispatch center, control center's network security obtains guaranteeing, even certain subscriber station infects the virus, also can't send control center through the network, thereby avoid the large tracts of land network to infect, the subscriber station authority can not control dispatch center or other subscriber stations, the security and the uniqueness of subscriber station data are ensured, subscriber station data only can bind port and VLAN transmission to the port of going upward through physics, avoid ARP attack.
The above contents are only for explaining the technical idea of the present invention, and the protection scope of the present invention cannot be limited thereby, and any modification made on the basis of the technical solution according to the technical idea of the present invention all fall within the protection scope of the claims of the present invention.
Claims (7)
1. The utility model provides a violation network access link blocking device based on OSI third layer, characterized in that, including casing (1), casing (1) is inside to be provided with power step-down board and data processing board, the output and the data processing board of power step-down board are connected, the data processing board is connected with data input interface (2) and data output interface (3) that casing (1) front end set up respectively, the data processing board is used for sending the data packet that satisfies the requirement of setting for the threshold value, data input interface (2) are connected user end service system network and equipment, data output interface (3) are connected with the main website.
2. The device for blocking the illegal network access link based on the third layer of the OSI claim 1, wherein the data processing board is provided with a main control chip, the data input interface (2) is connected with the main control chip through an ethernet AD/DA conversion module, and after the comparison between the main control chip and the set threshold, the data input interface is sent to the data output interface (3) through the ethernet AD/DA conversion module.
3. An OSI layer three based violating network access link blocking device as claimed in claim 1, wherein the front end of the housing (1) is further provided with a management interface (5), the management interface (5) is RJ45 interface, and the management interface (5) is connected with the data processing board.
4. The device for blocking the illegal network access link based on the third layer of OSI according to claim 1, wherein the data input interface (2) is 16 ports, 1-10 ports are service access ports in the station, 15-16 ports are uplink ports, and 11-14 ports are standby ports.
5. An OSI layer three based illegal network access link blocking device according to claim 1, characterized in that the data input interface (2) and the data output interface (3) are both RJ45 interfaces.
6. The device for blocking an illegal network access link based on OSI layer three according to claim 1, characterized in that the rear end of the housing (1) is provided with a power interface (4), and the input end of the power step-down board is connected with the power interface (4).
7. The device for blocking an offending network access link based on OSI layer three in claim 1, characterized in that the rear end of the housing (1) is provided with a ground terminal (6), and the ground terminal (6) is connected with the housing (1).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202022827898.3U CN213937969U (en) | 2020-11-30 | 2020-11-30 | Illegal network access link blocking device based on OSI third layer |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202022827898.3U CN213937969U (en) | 2020-11-30 | 2020-11-30 | Illegal network access link blocking device based on OSI third layer |
Publications (1)
Publication Number | Publication Date |
---|---|
CN213937969U true CN213937969U (en) | 2021-08-10 |
Family
ID=77146412
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202022827898.3U Expired - Fee Related CN213937969U (en) | 2020-11-30 | 2020-11-30 | Illegal network access link blocking device based on OSI third layer |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN213937969U (en) |
-
2020
- 2020-11-30 CN CN202022827898.3U patent/CN213937969U/en not_active Expired - Fee Related
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2339792B1 (en) | Method for accessing USB device attached to home gateway, home gateway and terminal | |
CN103152183A (en) | Electric modem switching device and method for mutual switching of electric signals and network signals | |
CN106302371A (en) | A kind of firewall control method based on subscriber service system and system | |
CN112040463A (en) | Wireless communication network networking method and system based on LoRa equipment | |
CN109587230B (en) | Remote control terminal and control method for Internet of things | |
CN213937969U (en) | Illegal network access link blocking device based on OSI third layer | |
CN204719759U (en) | A kind of computer network virus shielding system | |
US11930071B2 (en) | Network adapter for unidirectional transfer of data | |
CN206506293U (en) | A kind of lightning protection circuit of Ethernet interface | |
CN116015988A (en) | Gigabit PoE extender | |
CN219018829U (en) | Plug-and-play communication encryption device for power distribution network | |
CN204836219U (en) | Wireless router suitable for government affairs official working | |
CN206211667U (en) | A kind of Intelligent power distribution terminal based on MANET radio communication | |
CN213279714U (en) | Router with hardware firewall | |
CN219893335U (en) | Wireless bridging switch based on WIFI6 communication | |
CN214174880U (en) | Transmission control device for new safety partition of power plant Internet of things | |
CN219980843U (en) | Remote serial port debugging gateway | |
CN214311388U (en) | Multi-channel serial port control equipment based on TD-LTE5800 system | |
CN214098678U (en) | Modulation infrared ammeter communication relay forwarding device | |
CN106655142B (en) | A kind of lightning protection circuit of Ethernet interface | |
CN201345063Y (en) | AC regulated power supply with network access function | |
CN216795024U (en) | Protocol conversion gateway | |
CN213602644U (en) | Photoelectric converter | |
CN212969709U (en) | Electric power longitudinal encryption authentication gateway device | |
WO2024098948A1 (en) | Communication methods, storage medium and program product |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20210810 Termination date: 20211130 |
|
CF01 | Termination of patent right due to non-payment of annual fee |